On Sun, 11 Aug 2002 06:59:29 +0200, Russell Coker <[EMAIL PROTECTED]> said: > > With such a PAM module installed anyone who can write to your home directory > can change your password.
The module provides only PAM auth and session components, so they can't literally change your password. Yes, if they can write to your ~/.ssh directory they'll be able to authenticate as you for any program which uses the pam_ssh.so auth scheme, but if they can do that they can already log in as you (by putting their key into your ~/.ssh directory) and connecting with SSH. Of course, installing the module won't turn it on for any PAM clients. The admin will choose how they want to use it. -- Roderick Schertler [EMAIL PROTECTED]
